Security vulnerabilities stories
Security paradigms need a shift; as mobile work ensues, companies must pivot from endpoint protection to securing the actual users.
Businesses using PrinterLogic Print Management Software are urged to deploy 'always on' VPNs amid new vulnerabilities that risk remote attacks on workstations.
Over two million IoT devices, including security cameras and baby monitors, have critical security flaws, warns researcher Paul Marrapese.
Faced with an overload of 'critical' vulnerabilities, Tenable turns to predictive solutions, launching a tool that targets the top 3% of likely exploits.
Alex Nikolova made the discovery while conducting a research project on the same-origin policy of various web browsers.
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
Coinhive tops Check Point's Global Threat Index for February 2019, marking its 15th month as the most disruptive malware despite its impending shutdown.
Logitech backtracks on decision to remove firmware version of Harmony Hub, after critical security flaws were revealed. Millions of users affected.
GitHub's Bug Bounty program is now five years old and to mark the occasion it has revamped the program's scope, rewards, and new legal rules.
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Switzerland's postal service Swiss Post is inviting keen-eyed security experts and white hats to hack its e-voting system.
Xiaomi's M365 electric scooters pose severe risks due to Bluetooth security flaws, potentially allowing attackers to control and endanger riders.
This means any application handling PNG files that have been carefully crafted by an attacker can end up running the attacker's code.
Radiflow discovered that a serious vulnerability in the devices put the safety and availability of ICS networks in jeopardy.
A newly discovered flaw in Intel chips, dubbed Foreshadow, can lead attackers to access sensitive data from personal computers and cloud services.
A critical flaw in Microsoft's ADFS allows bypassing MFA, posing a severe risk, warns Okta's REX team. Urgent patching is recommended for users.
The Australian Prudential Regulation Authority's standard, CPS 234, is aimed at minimising the threat of cyber attacks for APRA-regulated entities.
CERT NZ's latest report shows cyber threats and incident reports increased in Q2, yet monetary losses dropped by 24%, with most under NZD $500.
2018 saw a surge in cyber threats with over 30 zero-day vulnerabilities and nearly 24,000 unique malware variants, Fortinet's report reveals.
New Zealand's MikroTik routers may be at risk of cryptomining attacks due to a global campaign targeting 157,000 devices, warns Symantec. Install patches.